Stack-Based Buffer Overflow in D-Link DIR-822+
CVE-2024-34950

7.5HIGH

Key Information:

Vendor: D-Link
Status: Dir-822\+ Firmware
Vendor: CVE Published:; 14 May 2024

What is CVE-2024-34950?

The D-Link DIR-822+ version 1.0.5 has been identified to possess a stack-based buffer overflow vulnerability within its SetNetworkTomographySettings module. This vulnerability could allow an adversary to execute arbitrary code on the affected device, leading to potential unauthorized access and manipulation of network configurations. Proper mitigation and updates are essential to safeguard against potential exploitation.

References

https://dear-sunshine-ba5.notion.site/D-Link-DIR-822-v1-0...

EPSS Score

14% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024